[...]... Chapter 8 Encryption Technologies and OS X 289 Introduction: OS9 TO OS X 290 OS X Security and Encryption: Encryption Within OS X 291 The System Keychain 291 Better Keychain Security 292 OS X Security and Encryption: OS X Password Encryption ... realized their beloved Mac was now a UNIX machine When you look at the roots of OS X, a large number of open source modules and programs were obtained from other groups including Carnegie Mellon, FreeBSD, GNU, Mach, Xfree86, NEXTSTEP, and OPENSTEP The OS X Kernel In a nutshell the real OS X is when the combination of several components come together XNU is the actual OS X kernel name on the boot drive It... Unix compatibility layer All the power, all the tools, and all the geekery of Linux is present in Mac OS X Shell scripts, X1 1 apps, processes, kernel extensions… it’s a UNIX platform It’s even possible to forgo Apple’s GUI altogether and run KDE Why you’d want to is another matter While its UNIX core is what has made Mac OS X a viable platform for hackers and programmers, it’s the user interface that has... Macintosh OS X Boot Process and Forensic Software Notes from the Underground… Bad Guy Won’t Give You The Password? No Problem! If you need to investigate a Macintosh that is running OS X and you need to access a program on a booted forensic copy of the subject’s drive, and he won’t give you his login password, don’t worry If you have any version of the Macintosh OS X boot CD or DVD, place that in the examination... MacDrive7 Screen (Windows XP version) From the main menu you have the quick choices of Exploring a Macintosh volume, burning a Macintosh formatted CD or DVD, and formatting or repairing a Macintosh formatted volume Mounted Macintosh volumes are shown with a small red Apple logo (see Figure 1.9) www.syngress.com Macintosh OS X Boot Process and Forensic Software • Chapter 1 Figure 1.9 Macintosh Options www.syngress.com... 309 310 311 312 312 313 313 313 316 317 317 317 317 318 320 320 Index 323 Chapter 1 Macintosh OS X Boot Process and Forensic Software Solutions in this chapter: ■ The Boot Process ■ The Macintosh Boot Process ■ Macintosh Forensic Software ˛ Summary   Chapter 1 • Macintosh OS X Boot Process and Forensic Software Introduction “The computer for... I wanted most At a 1998 keynote, Steve Jobs showed off a mere dialog box, to great applause The dialog read: “The application Bomb has unexpectedly quit.You do not need to restart your computer.” I take it for granted on Mac OS X, but as I write this, I’m recalling occasions when Internet Explorer brought my entire system down multiple times in a single day www.syngress.com Macintosh OS X Boot Process... published for executing arbitrary code on OS9 , and I cannot think of any notable legacy Macintosh exploits Due to the combined lack of obvious vulnerabilities and accompanying exploits, Macintosh appeared to be a solid platform (See http://www.w3.org/Security/Faq/wwwsf3.html#Q20.) In the late 1990s, the World Wide Web Consortium (W3C) stated that, “The safest Web site is a bare-bones Macintosh running... chipset Macintosh computers use a much different boot process OS X uses Open Firmware that is very much like the BIOS noted earlier The Open Firmware that Apple uses in the Macintosh is based on the IEEE-1275 standard EFI and BIOS: Similar but Different Just like any other computer on the market, when the power switch is activated on a Macintosh, the system goes through a Power On Self Test (POST), resets... Sucks.” Mac OS X was an entirely different operating system Most classic Mac OS applications were compatible, but only when operating inside a special run-time environment All system extensions and user interface modifications were permanently lost For many users, these changes are what made the computer “theirs” and they replied heavily upon their customizations to efficiently get work done The loss was . GNU, Mach, Xfree86, NEXTSTEP, and OPENSTEP. The OS X Kernel In a nutshell the real OS X is when the combination of several components come together. XNU is the actual OS X kernel name on the. Technologies and OS X . . . . . . . . . . . . . . . . . . . . . . . 289 Introduction: OS9 TO OS X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 OS X Security and. granted on Mac OS X, but as I write this, I’m recalling occasions when Internet Explorer brought my entire system down multiple times in a single day. www.syngress.com Macintosh OS X Boot Process